- 利用ActionFilterAttribute解析外部接受数据,并验签
/// <summary>
/// 外部api请求时,进行签名校验
/// </summary>
public class ExterApiFilter : ActionFilterAttribute
{
string token = "abc@#";
/// <summary>
/// 进入系统,对外部请求的进行验签操作
/// 1、除签名外字段按ASCII码从小到大排序
/// 2、最后连接私有的token
/// 3、按key=value形式拼接
/// 4、签名校验
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
try
{
//入参解析
var paras = filterContext.ActionParameters;
var i = filterContext.ActionDescriptor.GetParameters();
Dictionary<string, object> inParamDics = new Dictionary<string, object>();//入参集合
foreach (var item in i)
{
var itemType = item.ParameterType;
if (itemType.IsClass && !itemType.Name.Equals("String", System.StringComparison.OrdinalIgnoreCase))//类
{
GetPropertyDic(inParamDics, itemType.GetProperties(), filterContext.ActionParameters[item.ParameterName]);
}
else
{
if (!inParamDics.ContainsKey(item.ParameterName)) inParamDics.Add(item.ParameterName, filterContext.Controller.ValueProvider.GetValue(item.ParameterName).AttemptedValue);
}
}
Dictionary<string, string> inParam = new Dictionary<string, string>();
string sign = string.Empty;
#region 解析数据
if (inParamDics.Keys.Contains("sign"))
{
sign = inParamDics["sign"]?.ToString();
}
inParam = inParamDics.Where(x => !string.IsNullOrEmpty(x.Value?.ToString())).ToDictionary(k => k.Key, k => k.Value?.ToString());
if (inParam.ContainsKey("sign")) inParam.Remove("sign");
var signScret = new Dictionary<string, string>() { ["token"] &#